The Internet of Things (IoT) is the term given to everyday objects (not just traditional computing devices, such as laptops and smartphones) which are connected to the internet. Other language used in connection with the IoT include: connected devices, smart objects, the internet of services, machine-to-machine (M2M) technology, sensor networks, the network of networks and pervasive computing or ubiquitous computing.
IoT can be applied to objects as diverse as running shoes, buildings, cars, fridge-freezers and drones. Using embedded technology, such objects can communicate and interact over the internet, with each other, the user, the service provider and/or their environment, and they can be remotely monitored and controlled.
This Practice Note provides an introduction to IoT technology and considers the following issues:
- The technology behind the IoT
- Identifying the legal issues
- Application programming interfaces (APIs)
- Telecommunications and electrical equipment
- Intellectual property—overview
- Intellectual property rights ownership and licensing issues
- Competition law
- Consumer protection
- Liability and fault
- Compliance requirements
- The appropriate contracting model
- Legal issues of the future
This Practice Note does not consider data protection, privacy or cybersecurity. These issues are addressed separately in Practice Note: Internet of things (IoT)—data protection, privacy and security.
The technology behind the IoT
The introduction of internet protocol version 6 (see: LNB News 27/05/2008 64), the availability of cheaper electronic technology, the ubiquity of connectivity (access to the internet, particularly via mobile phone networks) and cloud computing are some of the developments that have enabled rapid growth in the IoT.
Current applications of the IoT exist in:
- the health sector—particularly monitoring patients through wearable technology and smart objects, known as e-Health
- agriculture—with ‘smart farming’ and the use of drones and autonomous and connected farm vehicles to increase efficiencies and yields
- advertising—using data collected through the IoT to provide targeted advertising services
- efficient living—the application of smart meters in the home to track and regulate energy consumption, smart home devices enabling remote control and smart speakers and personal assistants
- transport—connected vehicles capable of logging and transmitting vehicle, performance and driver data and facilitating autonomous functionality
- industry—enabling automated warehouses, manufacturing processes and automated delivery options
- public sector—enabling smart monitoring of public spaces and automated response across a variety of applications, ranging from police and public order to monitoring and maintenance of roads and public buildings and infrastructure
Growth areas and emerging applications for IoT technology include:
- smart cities—autonomous and remote management of maintenance and development through collected data; increased automation of facilities; use of video camera surveillance and facial recognition technologies
- increasingly intelligent and fully automated systems—as developments in artificial intelligence (AI) and M2M learning advance, their use in combination with the IoT will lead to increased capabilities for everyday objects and systems
- advances in security software—a likely focal point being the increased security of router technology—the entry point of the internet into the home
- autonomous and connected vehicles—continued development and growth in this sector is expected at pace
The rise of the IoT is linked to the coming about of Industry 4.0, a ‘buzzword’ used to describe the so-called ‘fourth’ revolution happening in manufacturing.
It began in the ‘third’ manufacturing revolution with the adoption of computers and automation and is said to be continuing through enhancements afforded by smart and autonomous systems; enabled by data and machine learning. The ‘smart’ factory is made possible through automation and machine intelligence.
A network of smart machines, digitally connected to one another and creating and sharing data, delivers efficiencies:
- identifying opportunities for optimisation quickly and efficiently using data analytics and the identification of patterns and insights, informing maintenance, performance and other issues
- utilising organic logistics and supply chains which automatically adjust to accommodate changes in input data, for example, adjusting manufacturing priorities to accommodate supply delays caused by weather
- driving autonomous vehicles, equipment and robotics
Identifying the legal issues
The application of the IoT, and its related technologies, continues to evolve, enabling new and innovative business models. The trend promotes a shift away from businesses and business models based on one-time product sales and towards models which deliver products which depend on, or are designed with, ‘value added’ services, delivered on an ongoing basis through software and the internet.
In 2015, Oliver Wyman identified six service patterns, accelerated by the IoT:
- reinforced product value—offering added value to an existing product, for example, adding sensors to sports equipment to allow players to analyse their game and improve their technique
- product to service—for example, predictive maintenance services offering services which complement the traditional physical product
- new service—available as a result of increased connectivity and available data
- service with no object—services facilitated by or arising out of other developments in the IoT
- product and service as a service—the ability to pay for products according to usage as a result of easy access to usage data facilitated by the IoT
- infinitely personalisable services—the IoT enabling services based on action and reaction pairs
Service models and patterns continue to emerge through innovative application and are combined with and applied to all types of product or service within any number of differing industry sectors.
This Practice Note draws out the key legal issues likely to be relevant to most IoT applications in the majority of circumstances, but in each case it will be important to carry out thorough due diligence, considering all aspects of the IoT application in all applicable jurisdictions to identify all relevant legislation.
New patterns of business and the contract structures underpinning them require careful thought in their design and formation, particularly in sectors like healthcare and financial services where there are likely to be additional layers of detailed specific regulatory rules to comply with.
This Practice Note does not consider legal issues arising in connection with:
- data—predicated on sensors and the collection and transfer of data, associated legal issues are high on the agenda in relation to the IoT. Companies that previously collected little or no information about their customers and products find themselves able to gather both product performance or usage data as well as personal customer data. Data protection and security compliance issues present a steep learning curve in such cases
- security—in addition to the existing body of law, regulators are increasingly focused on security, privacy and ethical concerns surrounding the application and development of this area of technology and are developing guidance, standards and regulations to address them. Building trust among consumers around the new infrastructures and capabilities is critical, particularly when set against the increasing consumer awareness of weaknesses and fallibilities of IoT devices and their susceptibility to hacks and data leaks